It seems that Citrix has an alternate directory where it stores it’s trusted cert’s / certificate authorities. Even though you can see that the server’s certificate is trusted (by root CA’s) via a web browser, we need to copy those to the correct directory. My company (Activlan) had to renew our certificate installed on our Citrix Secure Gateway 3.1.3. As you might know, Citrix has issued some virtual appliance and I had to chose between, Citrix Access Gateway 4.6.2 VPX and Netscaller VPX Express. My choice was to integrate a Citrix Access Gateway (CAG) mainly because we are using other product. Welcome to LinuxQuestions.org, a friendly and active Linux Community. You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. That’s really helpful, thanks for posting that. My usecase is: Citrix Workspace 1912 PopOS 19.10 (Ubuntu based) Solutions did the same as the guys above. After we updated our certificate, we still needed to update the client (citrix client, that is) for it to trust the certificate properly. The webpage trusted it (we are using the web interface), so the chain is ok and everything. But the client still denied it. After we installed the latest version of Citrix receiver, everything works fine.
Deer avenger 4. Important:
Design software with pergolas. If you don’t know or understand certificates / root and intermediate certificate authorities, get someone who understands to follow below instructions.
I tried connecting to the company’s citrix server, but kept hitting the same error when I tried to open the connection:
It seems that Citrix has an alternate directory where it stores it’s trusted cert’s / certificate authorities. Leonard ravenhill books pdf. Even though you can see that the server’s certificate is trusted (by root CA’s) via a web browser, we need to copy those to the correct directory.
In short: Copy the root and intermediate CA’s to this directory: /opt/Citrix/ICAClient/keystore/cacerts
Long version;
Ssl Error 61 Citrix Receiver Ubuntu 20.04
Ssl Error 61 Safari
- Go to your company’s Citrix site and click the green HTTPS lock on the left side of the address bar.
- Click on “More info” as long as you need to get to see the certificate(s) that your Citrix site uses
- Export all certificates (Root CA, Intermediate CA and your server’s certificate) to a temporary directory
- Use the sudo command to copy these certificates to /opt/Citrix/ICAClient/keystore/cacerts
- Open the citrix connection and bask in the glory of your company’s terminal server.